Error checking in ioctl(2)?
Garrett Cooper
yanefbsd at gmail.com
Fri Apr 23 01:01:20 UTC 2010
On Thu, Apr 22, 2010 at 5:51 PM, Xin LI <delphij at delphij.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 2010/04/22 17:45, Garrett Cooper wrote:
>> On Thu, Apr 22, 2010 at 4:36 PM, Matthew Fleming
>> <matthew.fleming at isilon.com> wrote:
>>>> Hi hackers,
>>>> I realize that this isn't 100% userland code, so the checks should
>>>> be minimalized, but when looking at the ioctl(2) syscall code (at
>>>> least I think it is... there's another dupe hanging around in
>>>> sys/dev/hptmv/ioctl.c), I had some questions related to the error
>>>> handling not being done in the code:
>>>>
>>>> if (size > 0) {
>>>> if (com & IOC_VOID) {
>>>> /* Integer argument. */
>>>> arg = (intptr_t)uap->data;
>>>> data = (void *)&arg;
>>>> size = 0;
>>>> } else
>>>> data = malloc((u_long)size, M_IOCTLOPS,
>>>> M_WAITOK); /* XXX: can fail -- do we care? */
>>>
>>> malloc(9) with M_WAITOK cannot return NULL. So the rest of your XXX
>>> comments are not at issue.
>>>
>>> Also, free(9) is documented to do the right thing when asked to
>>> free(NULL).
>>>
>>> copyin/copyout are really just bcopy but unlike most kernel code they
>>> are allowed to take a page fault. They deal with this by setting a
>>> function pointer in PCB_ONFAULT, which is used in trap() to set a return
>>> instruction pointer.
>>
>> Matt,
>> Awesome. I can see I need to do a bit more reading in malloc(3) :)...
>> Thanks for the info!
>
> It's actually malloc(9)... I personally feels it pretty confusing at
> the beginning when I learned about it.
Yeah... that makes more sense. It'd be kind of stupid to go
through the libc shim to get to kernel memory management.
Thanks for the correction :},
-Garrett
More information about the freebsd-hackers
mailing list